Vehicle Segment Certificate Management Using Shared Certificate Schemes

A technology of shared certificates and vehicle segments, applied in the fields of public key infrastructure trust models, wireless communication, transportation and packaging, etc. It addresses the problems that vehicle privacy is limited, that no method proposed to date has completely satisfied all design goals, and that the balance between scalability and privacy is not easy to achieve, with the effect of improving vehicle privacy.

Active Publication Date: 2008-09-25
TELCORDIA TECHNOLOGIES INC

AI Technical Summary

Problems solved by technology

Defining a method for managing 1609.2 Certificate Signing Request (CSR) or other anonymous certificates for the Vehicle Infrastructure Integration (VII) system is a very difficult, complex, and multi-faceted technical challenge.
No method proposed to date has completely satisfied all design goals.
However, the balance among scalability, privacy, and performance in this category is limited.
Thus, any activity related to a particular key and certificate cannot be traced to a single vehicle because the number of vehicles potentially originating such activity is very large.
The certificate revocation and replacement methods in the basic combinatorial schemes have limitations.
At this point, it is hard to detect which vehicle generated the maliciously prepared message as several vehicles were assigned key k and thus any one of them could have potentially acted maliciously.
In addition, the method in the basic combinatorial schemes for revoking g>1 certificates at a time and giving each requesting vehicle randomly selected certificates will result in unpredictable (uncontrollable) distributions of certificates among vehicles. This means that the privacy, scalability, and performance of the certificate management system will become unknown and unmanageable over time.
However, certificate revocation and replacement methods in the basic combinatorial certificate schemes have several crucial limitations that need to be overcome.
First, they cannot support a moderate to high number of attackers.
Second, they will result in unpredictable and uncontrollable probability distributions of certificates among vehicles, resulting in unpredictable and uncontrollable system scalability and performance.
Third, they are missing some necessary methods to ensure the continuous operation of the certificate management system.
For example, they use a fixed rekey threshold to determine which vehicles should no longer be allowed to receive new anonymous certificates, but do not provide a method for decrementing or resetting the rekey counters.
Anonymous Certificate: A certificate associated with a public-private key pair that, when used by vehicles, will not enable the identification and tracking of vehicles.
Anonymous private keys are highly confidential and any compromise of an anonymous key can threaten the integrity of the VII system.
It is computationally infeasible to derive a private key from a public key.



Examples


case 1

[0159] Single Malicious Vehicle: More formally, assume that one particular vehicle uses one of its anonymous triples k for some malicious activity that is detected by an RSE. As a consequence, the triple k as well as additional triples k(1), ..., k(c) are revoked. At this point, it is hard to detect which vehicle generated the malicious message as several vehicles were assigned triple k and thus any one of them could have potentially acted maliciously.

[0160] However, unlike in the basic combinatorial scheme, not all vehicles that previously shared triple k receive the same new triple k′ upon completion of their update request, as each of them may receive any of the additional new triples k′(i) with some probability. Now, if the previously malicious vehicle continues its malicious activity using the new triple k′, thus forcing this new triple to be revoked again, the set S(k) of vehicles that share k′ with the malicious vehicle is largely different from the set S(k′) of vehicles that ...
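The narrowing effect that paragraphs [0159] and [0160] describe can be simulated. The following Python sketch is an added example, not code from the patent: it intersects the holder sets of successively revoked triples to show how quickly the candidate set around a persistent misbehaving vehicle shrinks. It assumes that V is the number of vehicles, N the pool size and n the number of triples per vehicle, that each replacement triple is chosen uniformly from the c+1 new ones, and all parameter values are constructed.

```python
import random

def simulate(V=2000, N=500, n=5, c=4, rounds=4, seed=1):
    """Return (suspect-set size after each revocation, final suspect set)."""
    rng = random.Random(seed)
    # Constructed population: each vehicle holds n distinct triples from a pool of N.
    holds = [set(rng.sample(range(N), n)) for _ in range(V)]
    attacker = 0                      # vehicle 0 misbehaves (constructed)
    k = min(holds[attacker])          # triple it signs malicious messages with
    next_id, suspects, sizes = N, None, []
    for _ in range(rounds):
        # An RSE reports k: every current holder of k is a candidate.
        holders = {v for v in range(V) if k in holds[v]}
        suspects = holders if suspects is None else suspects & holders
        sizes.append(len(suspects))
        # Revoke k plus c other live triples and issue c+1 fresh ones.
        live = sorted(set().union(*holds) - {k})
        revoked = {k, *rng.sample(live, c)}
        fresh = list(range(next_id, next_id + c + 1))
        next_id += c + 1
        for v in range(V):
            for old in sorted(holds[v] & revoked):
                new = rng.choice(fresh)   # assumption: uniform choice among new triples
                holds[v].discard(old)
                holds[v].add(new)
                if v == attacker and old == k:
                    attacker_next = new
        k = attacker_next             # attacker keeps misbehaving with k'
    return sizes, suspects

if __name__ == "__main__":
    sizes, suspects = simulate()
    print("suspect-set sizes per revocation:", sizes)
    print("remaining suspects:", sorted(suspects))
```

Setting c=0 reproduces the basic scheme's behaviour in this model: every holder of k receives the same k′, so the suspect set never shrinks.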

case 2

[0167] Multiple Malicious Vehicles: The above analysis assumed the existence of a single vehicle that sends maliciously generated messages. A much more realistic scenario might involve multiple vehicles that at any given time are concurrently sending maliciously computed messages, potentially from different geographic locations. In fact, the worst case scenario is a large-scale attack where every triple in the pool is used by one or more vehicles to send malicious messages. As we now describe in more detail, by making a number of reasonable assumptions on the distribution of vehicles and on the distribution of attackers, the analysis of this apparently more involved scenario follows from a careful extension of the previous analysis for a single attacking vehicle.

[0168] In addition to the already defined parameters N, n, b, c, L, t, V, u, we consider the number of RSE's or geographic areas g in the country. Each geographic area can have lower or higher vehicle density, with potentially...



Abstract

The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position.

Description

CROSS REFERENCE TO RELATED APPLICATION

[0001] The present invention claims the benefit of U.S. provisional patent application 60/918,742 filed Mar. 19, 2007, the entire contents and disclosure of which is incorporated herein by reference.

[0002] This application is related to commonly-owned, co-pending U.S. patent application Ser. No. 12/012,454 filed on Feb. 1, 2008, the entire contents and disclosure of which is expressly incorporated by reference as if fully set forth herein.

[0003] This application is related to the following commonly-owned, co-pending U.S. patent application filed on even date herewith, the entire contents and disclosure of which is expressly incorporated by reference as if fully set forth herein. U.S. patent application Ser. No. (APP1836), for “VEHICLE SEGMENT CERTIFICATE MANAGEMENT USING SHORT-LIVED, UNLINKED CERTIFICATE SCHEMES”.

FIELD OF THE INVENTION

[0004] The present invention relates generally to vehicle segment certificate management. In particular, the inventi...


Application Information

Patent Type & Authority: Applications (United States)
IPC(8): H04L9/06
CPC: H04L9/002, H04L9/006, H04L9/08, H04L9/0891, H04L2209/84, H04L9/0872, H04L2209/42, H04W12/041, H04W12/121, H04W12/122, H04W4/44
Inventor: DI CRESCENZO, GIOVANNI; PIETROWICZ, STANLEY; VAN DEN BERG, ERIC; WHITE, ROBERT G.; ZHANG, TAO
Owner TELCORDIA TECHNOLOGIES INC